CyberRes, a business line of Micro Focus, launched Fortify Scan pipe and FortifyToolsInstaller, now allowing developers to install Fortify tools into any existing CI / CD pipeline.
With these releases, CyberRes has completed another product initiative around DevSecOps to provide developers with a more comprehensive and automated Static Application Security Testing (SAST) user experience.
“Going beyond early adopters to mainstream has driven the evolution of DevSecOps beyond basic integration and it continues to be pushed by the rush to the left,” said Dylan Thomas, Head of the management of Fortify products for CyberRes. “Security needs to keep pace with the ‘everything as code’ era, and Fortify is focused on transforming AppSec from sticking point to activation – without sacrificing quality – by delivering a seamless user experience.” and flexibility to adapt to the needs of any software team. ”
With automated workflows designed for DevSecOps, Fortify’s broad integration ecosystem leverages investments and workflows in current tools and reduces friction by integrating security into current processes. These capabilities now allow integration with virtually any CI / CD system such as AWS CodeStar, Bitbucket Pipelines, Github Actions, and GitLab Pipelines.
With these releases, Fortify now provides organizations with:
- Easy-to-use, out-of-the-box pipeline integration
- Ability to automate orchestration across all containers used by existing CI / CD pipelines
- Ability to scan raw source code as it builds
- Prioritized SAST scan results to focus developer remediation efforts on the most important vulnerabilities
- Direct feedback on the Fortify platform for even more comprehensive results and coverage
Fortify provides comprehensive solutions for on-premises, SaaS, and as a service offerings that give customers the flexibility of choice based on their application security needs. This comprehensive portfolio automates testing throughout the CI / CD pipeline so developers can quickly resolve issues and key stakeholders have visibility into the security of their applications.